An attacker establishes themselves on a system in such a way to enable the stealing of data over time. What kind of attack is this?

The scenario described involves an attacker who embeds themselves in a system to gradually steal data over a prolonged period. This type of attack is characteristic of Advanced Persistent Threats (APTs). APTs typically involve a coordinated, sustained effort by attackers to gain and maintain access to a system, often through multiple strategies, including exploiting vulnerabilities, social engineering, or using malware.

Once the attacker successfully gains access, they can then harvest sensitive data discreetly, evading immediate detection. This stealthy approach is a hallmark of APTs, distinguishing them from other attack types, which may be more opportunistic or limited in duration. The persistent nature of APTs implies ongoing surveillance and data extraction over time, as opposed to a single event, making this the most fitting description of the attack discussed in the question.

APTs are often associated with well-resourced attackers, including organized cybercriminal groups or nation-state actors, who have the capacity and intent to engage in extended campaigns targeting valuable information.